|Autor:||T. Neudecker, P. Andelfinger, H. Hartenstein||Links:||Volltext (PDF)Bitcoin Network MonitoringPräsentation (PDF)|
|Quelle:||13th IEEE International Conference on Advanced and Trusted Computing (ATC 2016), Toulouse, France, Juli 2016|
Flooding Peer-to-Peer (P2P) networks form the basis of services such as the electronic currency system Bitcoin. The decentralized architecture enables robustness against failure. However, knowledge of the network's topology can allow adversaries to attack specific peers in order to, e.g., isolate certain peers or even partition the network. Knowledge of the topology might be gained by observing the flooding process, which is inherently possible in such networks, and performing a timing analysis on the observations. In this paper we present a timing analysis method that targets flooding P2P networks and show its theoretical and practical feasibility. A validation in the real-world Bitcoin network proves the possibility of inferring network links of actively participating peers with substantial precision and recall (both ~40%), potentially enabling attacks on the network. Additionally, we analyze the countermeasure of trickling and quantify the tradeoff between the effectiveness of the countermeasure and the expected performance penalty. The analysis shows that inappropriate parametrization can actually facilitate inference attacks.